<?php


require_once( "_inc.php" );
if ( !empty( $_GET['btnSubmit'] ) )
{
	util::auth( );
	$name = !empty( $_GET['name'] ) ? trim( $_GET['name'] ) : "";
	$oldPwd = !empty( $_GET['oldPwd'] ) ? trim( $_GET['oldPwd'] ) : "";
	$pwd1 = !empty( $_GET['pwd1'] ) ? trim( $_GET['pwd1'] ) : "";
	$pwd2 = !empty( $_GET['pwd2'] ) ? trim( $_GET['pwd2'] ) : "";
	if ( empty( $name ) || empty( $oldPwd ) || empty( $pwd1 ) )
	{
		$tpl->assign( "msg", "缺少参数。" );
		$tpl->display( "_msg.tpl" );
		exit( );
	}
	if ( $pwd1 != $pwd2 )
	{
		$tpl->assign( "msg", "新密码不相同。" );
		$tpl->display( "_msg.tpl" );
		exit( );
	}
	$pwd = $db->fetchone( "SELECT f_userPwd FROM ".$gDb['prefix'].( "admins WHERE (f_id='".$dAdminId."')" ) );
	if ( $pwd != md5( $oldPwd ) )
	{
		$tpl->assign( "msg", "旧密码不正确。" );
		$tpl->display( "_msg.tpl" );
		exit( );
	}
	$newPwd = md5( $pwd1 );
	$sql = "UPDATE ".$gDb['prefix'].( "admins SET f_userName='".$name."', f_userPwd='{$newPwd}' WHERE (f_id='{$dAdminId}')" );
	$db->query( $sql );
	$tpl->assign( "msg", "修改成功！请退出系统，然后使用新用户密码登录。" );
	$tpl->display( "_msg.tpl" );
	exit( );
}
$tpl->assign( "adminName", $dAdminName );
$tpl->display( );
?>
